[GHC] #7635: SafeHaskell implying other options
GHC
cvs-ghc at haskell.org
Mon Jan 28 17:07:12 CET 2013
#7635: SafeHaskell implying other options
----------------------------------------+-----------------------------------
Reporter: shachaf | Owner:
Type: feature request | Status: new
Priority: normal | Component: Compiler
Version: 7.6.1 | Keywords:
Os: Unknown/Multiple | Architecture: Unknown/Multiple
Failure: GHC accepts invalid program | Blockedby:
Blocking: | Related:
----------------------------------------+-----------------------------------
There have been several type checker bugs -- including #7453 and #7354 --
that have led to type-checker unsafeCoerce/panic/etc., which is a problem
under SafeHaskell. In many cases the issue is caught by `-dcore-lint`. I'm
not sure how much overhead core-linting has, but it seems like it could be
a good idea to turn it on by default at least when SafeHaskell is on.
Right now it's listed as a "compiler debugging option", but it seems that
common wisdom is that you should use it if you care about security. Should
you also use `stg-lint`/`cmm-lint`? Any other options? This should be
clearly documented.

Relatedly: Earlier today someone was running a Haskell-evaluating IRC bot.
It was running with SafeHaskell, but also happened to have
GeneralizedNewtypeDeriving turned on, which made it possible to derive
`unsafeCoerce`. Should more care be taken that unsafe options are never
turned on at the same time as SafeHaskell?

(Continued from #7354.)
--
Ticket URL: <http://hackage.haskell.org/trac/ghc/ticket/7635>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler
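
A pre-flight check of the kind the ticket asks about, as an added example (not GHC's code and not the reporter's): it audits the flags and pragmas an evaluator would hand to GHC and reports when Safe is combined with a deny-listed extension or when `-dcore-lint` is missing. The function names, the deny-list (only the extension named in the ticket), the rule that file pragmas are applied after command-line flags, and the sample inputs are assumptions made for this example.

```python
import re

# Assumption: local deny-list; the ticket names only GeneralizedNewtypeDeriving.
UNSAFE_WITH_SAFE = {"GeneralizedNewtypeDeriving"}
SAFE_MODES = {"Safe"}
# The ticket also asks about the stg/cmm lint passes; add them here if wanted.
REQUIRED_LINT = {"-dcore-lint"}

PRAGMA = re.compile(r"\{-#\s*(LANGUAGE|OPTIONS_GHC)\s+(.*?)#-\}", re.I | re.S)

def collect_flags(cli_flags, source=""):
    """Flags in the order this audit assumes they apply: command line, then file pragmas."""
    flags = list(cli_flags)
    for kind, body in PRAGMA.findall(source):
        if kind.upper() == "LANGUAGE":
            flags += ["-X" + ext.strip() for ext in body.split(",") if ext.strip()]
        else:
            flags += body.split()
    return flags

def audit(cli_flags, source=""):
    """Return findings for one module; an empty list means the configuration passes."""
    enabled, debug = set(), set()
    for flag in collect_flags(cli_flags, source):
        if flag.startswith("-X"):
            name = flag[2:]
            # -XNoFoo switches Foo off again; "NondecreasingIndentation" is not a negation.
            if name.startswith("No") and name[2:3].isupper():
                enabled.discard(name[2:])
            else:
                enabled.add(name)
        elif flag.startswith("-d"):
            debug.add(flag)
    findings = []
    if enabled & SAFE_MODES:
        for ext in sorted(enabled & UNSAFE_WITH_SAFE):
            findings.append(f"{ext} enabled together with Safe")
        for flag in sorted(REQUIRED_LINT - debug):
            findings.append(f"{flag} not set for a Safe module")
    return findings

# Constructed samples: a bot configuration like the one described, and a submitted
# module that tries to switch the extension back on through a pragma.
BOT_FLAGS = ["-XSafe", "-XGeneralizedNewtypeDeriving"]
HARDENED_FLAGS = ["-XSafe", "-XNoGeneralizedNewtypeDeriving", "-dcore-lint"]
SUBMITTED = "{-# LANGUAGE GeneralizedNewtypeDeriving, RankNTypes #-}\nmodule M where\n"

if __name__ == "__main__":
    for label, flags, src in [("bot", BOT_FLAGS, ""), ("hardened", HARDENED_FLAGS, ""),
                              ("hardened + pragma", HARDENED_FLAGS, SUBMITTED)]:
        print(label, audit(flags, src) or "ok")
```

Running the audit on the submitted source as well as on the command line matters, because a per-file pragma can re-enable what the command line switched off.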